
Re: Questions on digest and signature algorithm identifiers in CMS



On Fri, Jan 26, 2007 at 04:02:28AM -0800, Blake Ramsdell wrote:
> Julien Stern wrote:
> >I am just faced with a simple practical problem, namely: what is an
> >implementation supposed to do when it receives a CMS message where
> >the hash function in the digestAlgorithm and the signedAlgorithm
> >are not the same?  I mean, there must be quite a large number of CMS
> >implementations that were faced with the same problem!
> 
> [snip]
> 
> Now, a "tough guy" implementation might take the precaution that every 
> other implementation is crazy, and digest with every algorithm that they 
> understand. In my case, I always digest with MD5 and SHA-1. So I 
> personally don't listen to the digestAlgorithms field in SignedData or 
> the digestAlgorithm field in SignerInfo. When I get to the signature 
> verification, I say "OK, so which digest do I need" and use the right 
> one (or freak out if it's not one of those). So I never have the 
> heartache of betrayal from these fields, at the acceptable (in my case) 
> cost of performance.

Blake,

Thank you for your input.
I like your interpretation (considering the digest as a pure hint) too.

> >- What should be the behavior of a verification algorithm which is
> >faced with such a situation?
> 
> Not sure if it's specified anywhere, but that's up to the implementation 
> I would say.

OK. I guess I have my answer :) So, I'll go for either "reject"
or "use only digests as a hint".

Regards,

--
Julien
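The two behaviours the thread settles on, "digest with everything you understand and let the signature algorithm decide" versus "reject when the advertised digestAlgorithm disagrees", as an added example that is not code from either poster. It assumes SignerInfo reduced to a dict with short algorithm names instead of OIDs, content digested directly (no signed attributes), and a toy `toy_verify` stand-in for the real public-key operation, so the selection logic can run without an ASN.1 parser or an RSA library; all names and the sample content are constructed for this illustration.

```python
import hashlib
from typing import Callable, Dict, Tuple

# Constructed short names standing in for the OIDs a real CMS verifier
# would map; these are the digests this hypothetical implementation knows.
UNDERSTOOD_DIGESTS = ("md5", "sha1", "sha256")

# Which digest each (constructed) signature algorithm name actually requires.
# This table, not the digestAlgorithm field, decides what gets verified.
SIGNATURE_DIGEST = {
    "md5WithRSA": "md5",
    "sha1WithRSA": "sha1",
    "sha256WithRSA": "sha256",
}

SAMPLE_CONTENT = b"constructed CMS encapContentInfo payload"


def digest_all(content: bytes) -> Dict[str, bytes]:
    """Digest the content with every understood algorithm, ignoring the
    digestAlgorithms / digestAlgorithm fields entirely (Blake's approach)."""
    digests: Dict[str, bytes] = {}
    for name in UNDERSTOOD_DIGESTS:
        try:
            digests[name] = hashlib.new(name, content).digest()
        except ValueError:
            # e.g. md5 disabled by a restricted build: we simply cannot offer it
            continue
    return digests


def select_digest(signer_info: dict, digests: Dict[str, bytes]) -> Tuple[str, bytes, bool]:
    """Pick the digest the signatureAlgorithm needs.

    Returns (digest_name, digest_bytes, hint_matched); hint_matched records
    whether the advertised digestAlgorithm agreed, which is only a hint here.
    """
    sig_alg = signer_info["signatureAlgorithm"]
    if sig_alg not in SIGNATURE_DIGEST:
        raise ValueError(f"unsupported signatureAlgorithm: {sig_alg}")
    needed = SIGNATURE_DIGEST[sig_alg]
    if needed not in digests:
        raise ValueError(f"signature needs {needed}, which is not available")
    hint_matched = signer_info.get("digestAlgorithm") == needed
    return needed, digests[needed], hint_matched


def toy_verify(digest_name: str, digest_value: bytes, signature: bytes) -> bool:
    # Stand-in for the real public-key check (constructed): the "signature"
    # is taken to be the digest bytes the signer would have put in DigestInfo.
    return signature == digest_value


def make_signer_info(digest_hint: str, sig_alg: str, content: bytes = SAMPLE_CONTENT) -> dict:
    """Build a constructed SignerInfo whose toy signature matches sig_alg,
    while digest_hint may or may not agree with it."""
    needed = SIGNATURE_DIGEST[sig_alg]
    return {
        "digestAlgorithm": digest_hint,
        "signatureAlgorithm": sig_alg,
        "signature": hashlib.new(needed, content).digest(),
    }


def verify_signer_info(content: bytes, signer_info: dict,
                       verify_fn: Callable[[str, bytes, bytes], bool] = toy_verify,
                       strict: bool = False) -> Tuple[bool, str]:
    """strict=False: digestAlgorithm is a hint, the signature algorithm rules.
    strict=True: a mismatched hint is rejected outright (the other option)."""
    digests = digest_all(content)
    try:
        name, value, hint_matched = select_digest(signer_info, digests)
    except ValueError as exc:
        return False, str(exc)
    if strict and not hint_matched:
        return False, "digestAlgorithm hint disagrees with signatureAlgorithm"
    if not verify_fn(name, value, signer_info["signature"]):
        return False, "signature does not verify"
    return True, "ok" if hint_matched else "ok (digestAlgorithm hint ignored)"


if __name__ == "__main__":
    mixed = make_signer_info("sha1", "sha256WithRSA")
    print(verify_signer_info(SAMPLE_CONTENT, mixed))               # hint mode
    print(verify_signer_info(SAMPLE_CONTENT, mixed, strict=True))  # reject mode
```

The cost Blake mentions is visible in `digest_all`: every understood algorithm runs over the whole content before anything is known about which one is needed. The `strict` flag is the other branch Julien considers; both paths still fail closed on an unknown signature algorithm or a bad signature.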